BCrypt is an implementation of the Blowfish cipher and a computationally-expensive hash function mostly used for password hashing.

The recent Ashley Madison hack has shown how to make your originally safe password hashing useless. Many passwords have been already decrypted that way and it again turns out that most passwords are super simple and predictable. It shows that even if the passwords wouldn’t have been cracked, hackers could still run word-lists on the hashes and get access to the accounts easily. Always choose a strong password and use them only once.

All passwords should be hashed before entering a database because you have to consider the scenario where some malicious user attempts to gain entry into your data. Passwords are sensitive pieces of information that you don't want people to see.